The Lounge is rated Safe For Work. If you're about to post something inappropriate for a shared office environment, then don't post it. No ads, no abuse, and no programming questions. Trolling, (political, climate, religious or whatever) will result in your account being removed.
What does dividing a letter by two even mean? As a developer I'd think of its ASCII integer value, but mere mortals wouldn't be asked that question. Its position in the alphabet? For odd-numbered letters, do you then round up, or down?
(Once again, I'm probably overthinking this, and it wasn't the point to your post anyway...)
The problem with these "secret questions" is that the answer isn't always necessarily difficult to answer. Wasn't there a well-publicized case a few years ago of some government official who managed to get some hacker to successfully go through an email password reset procedure, because all of the questions could be googled (like what high school did he go to, or the name of his dog, all of which he had answered at one point or another in various interviews or they were part of his page on Wikipedia...)?
Of course being a "nobody" myself, I don't have to worry about that aspect, but still - when I'm asked these questions for an important site, the answer I provide is as long and complex and non-memorable as the output of a password generator. Which defeats the "easy to answer" purpose of these questions, but I believe those are a bad idea to begin with.
Exactly, pretty impossible to answer the question, right?
Let alone how you would know the name of your great great great great grandson because most people don't live that long
And then there are the assumptions that all those generations will have children, that specific generation will have a boy and he'll have at least two names with the second having at least three letters.
That was kind of my point, those questions are impossible to answer
Funny how you were only wondering about the dividing a letter part though
In the U. S. of A, many financial institution have been using this for some years. Often having as many as five such questions so you could be asked for any one or more of them.
As a rule, I don't give real answers - but rather something deducible from an algorithm (in my head only - hacking that would be a bloody mess - as you French well know).
Why the algorithm? Well - it turns out that all of these places are now accumulating even more personal information about you that only you should know. Even more candy for that inevitable day they get hacked.
My (US) government run sites validate by sending me a key via email - so someone needs to know where I get their email. On one site, passwords are entered via mouse on a little online keyboard - so it cannot be key-logged (they change the references every time).
You don't have to give a "true" answer to the security questions. You just have to give an answer you remember. When does your drivers license expire? On your birthday in 2028. What's your electric company's account number? 12345. And the best way to keep it all straight - a password manager program like KeePass.
Does it really matter what answer you give? I mean, if you chose the utility company client id , couldn’t you just give them a bogus number, and log that in your password manager’s notes?
It’s not likely that they’ll contact the utility to make sure you’re not lying.
I get to pick from four pre-defined questions, but they are so difficult that even I can't answer them!
Then use the standard answer -- "Burma!"
Seriously, there's no reason to answer those "security" questions with anything even resembling a real answer. They're only going to be used as less-secure passwords anyway, and posing them as a "security" question that you give a truthful answer to only makes them more easily guessable by hackers. Just write it down like any other password and keep it next to the main password. Besides, who's to say you didn't name your first cat C&4x# anyway.
You know you don't have to give the real answers, don't you? The questions are just placeholders really; so unless they force numeric-only then just type in your reaction which is likely to be similar in 6 or 12 months. Q. "What is your electricity account number?" A. "What a bloody stupid question". Even your electric company won't hack your account.
Since most of the questions that are asked in these scenarios are actually publicly-available data (e.g. what's your mother's maiden name, what was your first school) it's really more secure to just make up some random sentence as a form of long password.